To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network

Job #: R-00126394
Location: Farnborough, HAM
Category: Cyber Operations
Schedule (FT/PT): Full Time
Travel Required: No
Shift: 12 Hour Shift Pattern
Potential for Telework: Yes, 50%
Clearance Required: UK - DV


Cyber Defence Analyst

Location: Farnborough on a shift pattern

The Role:

Leidos, a Global IT Solutions Provider specialising in large scale implementations involving science, engineering, and technology, require a Cyber Defence Analyst to work in their CSOC (Cyber Security Operations Centre) Team. 

The Cyber Defence Analyst will be expected to contribute to the growth and development of the CSOC.  You will work with a wide variety of stakeholders to ensure, the Leidos CSOC, a Defensive Cyber Security capability, can support a customer’s Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating their risk of Cyber Attack.

What will I be doing?

  • You will be a Cyber Defence Analyst in the CSOC, working on shifts, as part of a Defensive Cyber Security Team, whose objective is to protect customers with a 24 x 7 TDR service, detecting and responding to cyber-attack at the earliest opportunity.
  • You will be a part of an Industry and Profession which evolves daily in response to global adversaries and their malicious objectives to destructively impact digital services and lives.
  • You will be a part of a Team who are responsible for protecting customer solutions in the cloud and on premise from cyber-attack.
  • You will be a part of a Team who protect customers solutions at various security classifications.
  • You will use cyber security tooling to detect and investigate suspicious activity and threats.
  • You will define countermeasures which can be used in action plans to respond to Cyber Security Incidents and mitigate threats.
  • You will collate and analyse data to deliver root cause analysis in a Cyber Security Incident.
  • You will follow and contribute to the improvement of the Cyber Security Incident Response Process and other processes, procedures, and guidelines.
  • You will follow and contribute to the improvement of Playbooks.
  • You will follow Use Case and Threat Hunting Frameworks.
  • You will proactively exploit Cyber Threat Intelligence which you will use to create Vulnerability Assessments and Cyber Threat Intelligence Bulletins to be shared amongst the Business.
  • You will create and develop SIEM rules from customer requirements or CTI to safeguard customer environments.
  • You will use Indicators of Compromise to proactively hunt for threats.
  • You will collate data and create monthly Management Information packs which will be used to describe the performance of the CSOC to customers.
  • You will complete shift handovers with meaningful explanations and updates.
  • You will record the investigation of alerts and Cyber Security Incidents with sufficient and meaningful information.
  • You will collaborate with multiple stakeholders to ensure the CSOC on board new customers.
  • You will work a hybrid working model and be expected to work onsite during day shift Monday to Friday and in the future according to Business need be expected to work onsite.

What does Leidos need from me?

The successful candidate will be able to demonstrate proven experience from a CSOC background or be able to demonstrate sufficient transferable Cyber Security knowledge, qualifications, aptitude, enthusiasm, positivity, and passion to quickly learn the Cyber Defence Analyst role. 

To succeed in the role the candidate must be capable of working under pressure, delivering on multiple customer accounts and have an appetite to progress and develop their own Cyber Security career.

The role will be working within the CSOC, adhering to a matrix managed environment, reporting operationally to the CSOC Lead and accountable to the CSOC Manager.

We would expect that you would have the below knowledge, experience and interest;

  • Experience of Splunk or Sentinel or displays aptitude to learn how to work with a SIEM.
  • Experience of AWS or Azure or displays aptitude to learn those cloud platforms.
  • Experience or knowledge of Cyber Security Incident Response, Cyber Threat Intelligence, Vulnerability Management and Cyber Threats.
  • Already a CSOC Analyst or a Cyber Defence Analyst with experience of investigating Cyber Security Incidents and supporting root cause analysis or can demonstrate transferable skills and acumen to learn and excel at it.
  • Understanding of current trends for malware, ransomware and Advanced Persistent Threats affecting Cloud Platforms and On-Premise solutions.
  • Knowledge or experience of creating and developing SIEM rules from customer requirements or Threat Intelligence to safeguard customer environments.
  • Knowledge or experience of basic network security principles and protocols.
  • Knowledge or experience of network and boundary protection controls.
  • Knowledge or experience of using as many as detective and preventative Cyber Security tools e.g., Security Information Event Monitoring (SIEM), Security Orchestration and Automated Response (SOAR), User End Point Behaviour Analytics (UEBA), End Point Protection (EPP), End Point Detection and Response (EDR), Web Application Firewall (WAF) and Firewalls
  • Proficient with the full suite of Microsoft Office products Word, Excel, Visio.
  • It would be desirable if you have had exposure to working on or within Government classified systems or programs.

What Communication and Soft Skills are needed from me?

  • Good verbal and written communication skills required for hand overs, reports, and documenting events during a Cyber Security Incident.
  • Positive and proactive attitude works well in a team environment, open to taking feedback to learn, able to cope with team dynamics with differing viewpoints and can also work with minimal supervision.
  • Ability to build strong relationships with customers and internal stakeholders.
  • Ability to logically analyse a problem and identify a plan to fix or remediate.
  • Ability to track market trends and suppliers to keep at the forefront of Cyber Security Technology.
  • Ability to manage multiple streams of work, prioritising, and escalating, as necessary.
  • A self-starter who can see past obstacles driving a solution through to completion.
  • Flexibility to cover shifts at short notice to ensure the CSOC can continue to protect its customers.

Additional information about the role

  • Candidates must be eligible to hold and maintain DV clearance.
  • Candidate must be British and non-dual national.
  • Required to physically work out of Farnborough and support programs from there when on day shift Monday to Friday.
  • Hybrid working is possible when not needed to work onsite Monday to Friday day shift and subject to change according to future Business and Customer contractual needs.
  • Required to work on shift, 12 hours on 12 hours off, 4 days or night in a row and then repeat for a 2nd shift block of the same and then switch to the next shift either day or night for a two shift block and repeat.

What we do for you:
At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance.
We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes:
•    Contributory Pension Scheme
•    Private Medical Insurance
•    33 days Annual Leave (including public and privilege holidays)
•    Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme)

•    Dynamic Working 

Commitment to Diversity:

We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture.  We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone.  If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs.

Who We Are:

Leidos UK & EUROPE – we work to make the world safer, healthier, and more efficient through technology, engineering and science.

Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in frontline services, our work in the United Kingdom includes addressing some of the most complex problems in defence, healthcare, government, safety and security, and transportation.

What Makes Us Different:

Purpose: you can use your passion and abilities at Leidos to keep the people you care about safe. We are at the forefront of machine learning, AI, cyber security and solutions. Using your skills in the technology frontline by helping to build a safer world.  You can inspire change.

Collaboration: having flexibility to do your job is one of our core benefits, enabling you to become part of our extraordinary team.  We have been empowering our people to work flexibly for years.  Whether you work from home, the office or on customer sites, we will give you the digital tools and the flexibility to work smarter and align your needs and ours.          

People: Leidos empowers people from every background to be themselves and gives you the tools to learn new skills by enabling growth whilst developing. We believe that extraordinary people need opportunities to grow, to be inspired and to inspire others. At Leidos, we invest in technical academies, career rotations and a career development plans that enhance your future.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Original Posting Date:


While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

   Save Job Saved

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community